Customer register privacy policy  - Checkmark Oy 

1. Controller 

Checkmark Oy Business ID: 2278277-9

Hallipussi 5, 76100 Pieksämäki 

Tel.: +358 20 123 0700 


(hereinafter referred to as “we” or “Checkmark”) 
2. Contact person in matters related to the register 
Jouko Pihlajamäki 

Checkmark, Hallipussi 5, 76100 Pieksämäki 

Tel.: +358 20 123 0711 

3. Name of the register 
Customer register 
4. Legal grounds for and purpose of the processing of personal data 
The processing of personal data is based on the company’s legitimate interests on the grounds of customer relationships or other relevant connections, the performance of a contract or consent given by data subjects. Personal data is processed for the following purposes: 
• Delivery and development of our products and services, and the fulfilment of our contractual and other promises and obligations 

• Management of customer relationships 

• Analysis and profiling of the behaviour of customers and other data subjects 

• Regular and electronic direct marketing 

• Targeted advertising on our online services and those of other parties 
5. What data do we process? 
We process the following personal data about customers and other data subjects, such as trainees, in conjunction with the customer register: 
• Basic details of data subjects, such as their name, profession, customer number and/or other identifier and native language 

• Contact details of data subjects, such as their email address, telephone number and postal address 

• Data about companies or their contact people, such as the business ID and the name and contact details of contact people 

• Data about customer accounts and agreements, such as data about previous and valid agreements and orders, as well as other service-related data 
Customer register privacy policy  Checkmark Oy 
6. What are the regular sources of data? 
We primarily obtain data from the following sources: data subjects, the authorities, credit information companies, providers of contact information services, providers of marketing register services and other similar and reliable parties. 
In addition, personal data can also be collected and updated for the purposes described in this privacy policy from publicly available sources and on the basis of data obtained from the authorities or other third parties within the scope of applicable laws. Data is updated by manual or automated means. 
7. To whom do we disclose or transfer data? Do we transfer any data outside the EU or EEA? 
No data is regularly disclosed to third parties inside or outside the EU or to any other parties, unless this has been expressly agreed upon with each customer. 
8. How do we protect data and for how long do we retain data? 
Only those of our employees who have the right to process customer data have the right to use our system that includes personal data. Each user has a personal username and password for the system. Data is stored in databases that are protected by using firewalls and passwords and by other technical means. The databases and their backup copies are located in locked facilities, and data can only be accessed by certain pre-defined persons. 
We retain personal data for as long as is necessary for the purpose of the processing of personal data.  
We assess the necessity of retention regularly, considering applicable laws. In addition, we carry out reasonable measures to ensure that no incompatible, outdated or incorrect personal data, considering the purpose of use of the register, is retained about data subjects. We will rectify or erase such data without any delay. 
9. What rights do data subjects have? 
Data subjects have the right to access their personal data saved in the register, and to request their data to be rectified or erased. In addition, data subjects have the right to withdraw or change their consent.  
According to the EU General Data Protection Regulation (valid from 25 May 2018), data subjects have the right to object to the processing of their personal data, to request the processing of their personal data to be restricted and to file a complaint with the supervisory authority. 
For specific personal reasons, data subjects also have the right to object to profiling and other processing regarding their personal data when processing is based on the company’s legitimate interests on grounds of a supplier relationship or other relevant connection. In this case, the data subject must specify the situation, on the basis of which they object to processing. The controller can only refuse to fulfil such a request on the basis of grounds defined in the legislation. 
Data subjects have the right, at any time and free of charge, to object to processing, including profiling insofar as it is related to direct marketing. 
Customer register privacy policy  Checkmark Oy 
10. Contact 
All queries and requests related to this privacy policy must be presented in writing or in person to the contact person defined in Section 2. 
11. Changes to this privacy policy 
If we make any changes to this privacy policy, we will highlight the changes, dated, in this privacy policy. If the changes are significant, we may also issue a notification by other means, such as via email or on our website. 

12. Cookies

We want to provide our customers with the best service possible and this is why our website uses cookies. If you continue to use our website, you are consenting to our use of cookies. Cookie policy